[Date Prev][Date Next] [Chronological] [Thread] [Top]

using search filter for operational attributes (pwdAccountLockedTime)

Hey guys,

    From my understanding pwdAccountLockedTime is an operational
attribute and by ldap v3 definition it must be 'requested' to obtain the
value. However, when I include this attribute as part of a search filter
against one of my master servers I get results back but when I run it
against my proxy (back_ldap) ldap server, I get nothing. Only when I
request the attribute do I get something off the proxy. If operational
attributes should not be seen unless requesting them then how come on
my master servers it returns fine but not on the proxy? Is there a way
to make the proxy behave the same as the master's in this regard? Or do
I possible have some ACL issues?